Announcement

Collapse
No announcement yet.

Security Logon on OX

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security Logon on OX

    Hello,

    I want create an discussion about the security logon on OX Server.

    With some software of hacking, on OX installation default, we can use force brute on all protocol : HTTP, POP3, SMTP, IMAP.

    first idea :
    - add certificate SSL for all protocol for encryption data
    - add some lock policy
    - add warning on OXADMIN (or all page administration web)

    For certificate, It is simple : Buy and setup.

    For lock policy, I can begin work on pam software. But I need information and council from OX Team Developer.

    For warning, It will second taff after lock policy.

    Thanks.

  • #2
    and :
    - long password
    - duration password

    Comment


    • #3
      Well, I suppose we can work on the HTTP side of things, because the authentication in POP3, SMTP and IMAP are all done by the subsystems (postfix, cyrus). The question is whether you can set up these subsystems to behave as you described.

      The last two points would be enhancement requests, so could convince you to write an enhancement request in our bugzilla?

      Comment

      Working...
      X